Hackers penetrated the internal computer systems of the retailer Neiman Marcus to steal customer credit card information five months before the company learned of the breach, The New York Times revealed Thursday.

The company revealed in early January that its systems had been compromised and that customer credit card information was stolen and fraudulently used, but did not reveal when the attack had occurred.

“We did not get our first alert that there might be something wrong until mid-December. We didn’t find evidence until January 1,” a spokesperson for the company told Reuters.

But sources familiar with the investigation told the Times that the initial intrusion happened as early as mid-July last year, and that the company admitted it had not fully contained the problem until Sunday.

Neiman Marcus has not revealed how many credit cards were affected. News that its systems had been compromised as early as July last year places the Neiman Marcus hack months ahead of the Target hack last year, in which the credit card information of roughly 70 million customers was pilfered.